azaion/detections
1
0
Fork 0
mirror of https://github.com/azaion/detections.git synced 2026-04-22 22:16:31 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
64d3f828c87725822f6e04f19711f13fb2d4a39d
detections/_docs/04_deploy/ci_cd_pipeline.md
T
Oleksandr Bezdieniezhnykh be4cab4fcb [AZ-178] Implement streaming video detection endpoint 
- Added `/detect/video` endpoint for true streaming video detection, allowing inference to start as upload bytes arrive.
- Introduced `run_detect_video_stream` method in the inference module to handle video processing from a file-like object.
- Updated media hashing to include a new function for computing hashes directly from files with minimal I/O.
- Enhanced documentation to reflect changes in video processing and API behavior.

Made-with: Cursor
2026-04-01 03:11:43 +03:00

4.3 KiB
Raw Blame History

CI/CD Pipeline

Platform

GitHub Actions (default recommendation; adaptable to Azure Pipelines).

Pipeline Stages

Stage Trigger Steps Quality Gate
Lint Every push black --check, Cython syntax check Zero errors
Unit Test Every push pytest tests/ -v --csv=report.csv All pass
Security Scan Every push pip-audit, Trivy image scan Zero critical/high CVEs
Build PR merge to dev Build detections-cpu and detections-gpu images, tag with git SHA Build succeeds
E2E Test After build docker compose -f e2e/docker-compose.test.yml up --abort-on-container-exit All e2e tests pass
Push After e2e Push images to container registry Push succeeds
Deploy Staging After push Deploy to staging via scripts/deploy.sh Health check passes
Deploy Production Manual approval Deploy to production via scripts/deploy.sh Health check passes

Workflow Definition (GitHub Actions)

name: CI/CD

on:
  push:
    branches: [dev, main]
  pull_request:
    branches: [dev]

env:
  REGISTRY: ${{ secrets.REGISTRY }}

jobs:
  lint:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-python@v5
        with:
          python-version: "3.11"
      - run: pip install black
      - run: black --check src/ tests/

  test:
    runs-on: ubuntu-latest
    needs: lint
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-python@v5
        with:
          python-version: "3.11"
      - run: pip install -r requirements.txt
      - run: python setup.py build_ext --inplace
      - run: cd src && pytest ../tests/ -v

  security:
    runs-on: ubuntu-latest
    needs: lint
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-python@v5
        with:
          python-version: "3.11"
      - run: pip install pip-audit
      - run: pip-audit -r requirements.txt

  build:
    runs-on: ubuntu-latest
    needs: [test, security]
    if: github.event_name == 'push'
    steps:
      - uses: actions/checkout@v4
      - uses: docker/setup-buildx-action@v3
      - uses: docker/login-action@v3
        with:
          registry: ${{ env.REGISTRY }}
          username: ${{ secrets.REGISTRY_USER }}
          password: ${{ secrets.REGISTRY_PASSWORD }}
      - uses: docker/build-push-action@v5
        with:
          context: .
          file: Dockerfile
          push: true
          tags: ${{ env.REGISTRY }}/azaion/detections-cpu:${{ github.sha }}
          cache-from: type=gha
          cache-to: type=gha,mode=max

  e2e:
    runs-on: ubuntu-latest
    needs: build
    steps:
      - uses: actions/checkout@v4
      - run: |
          cd e2e
          COMPOSE_PROFILES=cpu docker compose -f docker-compose.test.yml up \
            --build --abort-on-container-exit --exit-code-from e2e-runner

  deploy-staging:
    runs-on: ubuntu-latest
    needs: e2e
    if: github.ref == 'refs/heads/dev'
    environment: staging
    steps:
      - uses: actions/checkout@v4
      - run: |
          IMAGE_TAG=${{ github.sha }} \
          DEPLOY_HOST=${{ secrets.STAGING_HOST }} \
          DEPLOY_USER=${{ secrets.STAGING_USER }} \
          bash scripts/deploy.sh

  deploy-production:
    runs-on: ubuntu-latest
    needs: e2e
    if: github.ref == 'refs/heads/main'
    environment:
      name: production
      url: ${{ secrets.PRODUCTION_URL }}
    steps:
      - uses: actions/checkout@v4
      - run: |
          IMAGE_TAG=${{ github.sha }} \
          DEPLOY_HOST=${{ secrets.PRODUCTION_HOST }} \
          DEPLOY_USER=${{ secrets.PRODUCTION_USER }} \
          bash scripts/deploy.sh

Caching Strategy

Cache Type Scope Tool
Python dependencies Per requirements.txt hash actions/cache + pip cache dir
Docker layers Per Dockerfile hash BuildKit GHA cache
Cython compiled modules Per src/ hash actions/cache

Parallelization

  • test and security jobs run in parallel after lint
  • build waits for both test and security
  • GPU image build can be added as a parallel job to CPU build

Notifications

Event Channel
Build failure GitHub PR status check (blocks merge)
Security scan failure GitHub PR status check + team notification
Deployment success/failure Deployment environment status
Reference in New Issue View Git Blame Copy Permalink